Skip to main content

How does Kon Boot Works


Have you ever asked yourself about HOW KON-BOOT WORKS ??

What is KON-BOOT:


Kon Boot is an application which will bypass the authentication process of Windows based operating systems. Kon Boot can work on a USB flash drive, CD, or floppy diskette.

watch the video down below to see it in action

Now how does it works ??


The source code of Kon-boot has not been published by its author so it is not known  what it does exactly to hack the operating system. However some hypothesis can be made based on known technologies to determine how it works. In general, bootkits basically hook the 0x13 interruption routine that is usually provided by the BIOS of the computer. The role of this routine is to read sectors from the hard disk and to load them into a given location in RAM memory. By hooking this routine, bootkits such as Kon-boot or Vbootkit modify directly the code of the operating system when it is copied into main memory, just before its execution.


Note that Kon-Boot works with local accounts and domain accounts that have the credentials locally cached. I can't log on without a password for a domain account whose password isn't cached locally. Also, once I'm logged on with a domain account, no contact with the domain has taken place, so I have no token. So I can't talk to network resources as the domain account, I can just access local content on the box with that user's permissions.
This isn't really much different from many system recovery tools out there that enable access to NTFS volumes outside of Windows for recovery or password reset solutions. In fact, Microsoft provides its own set of solutions as part of the Desktop Optimization Pack in the form of Desktop and Recovery Toolset (DART), which has a local account password reset and NTFS access tool.
Like most other security bypass products and recovery solutions, Kon-Boot requires physical access to the box. If you give someone unprotected physical access to the box there, are many products and methods to gain access to information. There are key steps you can perform to provide protection from these attacks:
These basic steps will provide protection from most types of physical attack, including Kon-Boot.
Labels:

Comments

Post a Comment

Popular posts from this blog

TCP Flood & IP Spoofing Tutorial - Hping3 (With Effective Tricks)

hping is a command-line oriented TCP/IP packet assembler/analyzer. Using hping3 you are able to perform at least the following stuff: Test firewall rules Testing Network performance using different protocols, packet size, TOS (type of service) and fragmentation Remote OS fingerprinting. TCP/IP stack auditing Today, we will use hping3 for testing network performance. In other words we will use it to do DDOS Attack Tests. We can start “Help Document” by typing “hping3 --help” on the command line. Hping3 Important Parameters :  The flood parameter : Activates the fastest packet sending mode The destport(p) parameter : Specifies the destination port The spoof(a) parameter : Specifies which IP Adress is to be spoofed The rand-source parameter : Activates the random source address mode Although the above parameters are important, it should be selected which flag is set to determine the main attack type.  Main Attack Types :  The syn(S) param...
Post a Comment
Read more

Increase computer performance by hidden REGISTRY HACK

Having a computer whatever it’s desktop or laptop we play games of do something crazy. We wants to make our computer faster and improve its performance. There’s a lot of video on youtube but this video is quite different. If you are looking for a cool way to improve computer performance this is the perfect video for you. In this video you are going to learn a cool registry hack. Don’t worry it’s legal. Let’s do it. First go to “RUN” and then type “regedit” Then follow my steps. Before doing this I’m recommending   you to clean up your registry errors. I personally use Ccleaner to do this. After all just restart your computer and watch the different. It will optimize your computer speed and you will get a cool gaming experience. I promise you this video will change your experience. You don’t need any extra software like Advanced System Care to Tune Up utilities. This is a hidden Microsoft secret that most of hackers use. Go crazy and enjoy it. Thanks for watching a...
Post a Comment
Read more

Dos&DDos Attacks - Zombie - Botnets

Hi all, today i am going to write about Dos & DDos Attacks. Cyber security is based on three components. These are Confidentiality, Integrity and Accessibility(CIA). This type of attack is in the class of accessibility component. The level of danger of Dos&DDos attacks is lower than the other attack types because there is no possibility of an attacker to infiltrate the system in this attack type.   There are some things that need to be known before they go to Dos & DDos attacks. If the incoming DDos attack is bigger than the bandwidth you have, there is nothing you can do. If you want to protect yourself in this case, you need to get support from your ISP. The majority of Dos & DDos attacks are not bandwidth attacks. You can not always out of service the victim. Sometimes you just slow it down. Dos Attacks(Denial of Service) Dos attacks are the type of attack to make systems unserviceable. Attackers perform Dos attacks ...
Post a Comment
Read more